Data Encryption

Are You Responsible for Sensitive Data?

Do you store sensitive information on your workstation, laptop, flash drive or mobile device? Do you email sensitive data to persons outside the ECU network? If so, you should encrypt these files and emails to protect them from unauthorized access or theft. Read on to learn categories of sensitive data and a few simple tools you can use to add a significant layer of protection to your information.

What is Sensitive Data?

Sensitive data includes the following:

Credit or debit card numbers

A driver’s license number

Personally identifiable patient information

Personally identifiable student information

Personnel information

Proprietary research data

Legal data

What is Encryption?

Encryption scrambles data to make it unreadable. Only persons with the password “key” can unscramble, or decrypt, the information. This not only prevents identity theft but also protects you and the university from unnecessary liability if your device or email is stolen, hacked or otherwise breached.

BitLocker Drive Encryption

Included as part of Windows 7 and Windows 8.1 Professional, Enterprise and Ultimate editions, BitLocker encrypts an entire drive. A drive can be password-protected, decrypted or BitLocker can be temporarily suspended at any time by the authorized user.

From the Start button, type BitLocker into the search. Choose BitLocker Drive Encryption.

Mac FileVault 2

Available from the Security & Privacy pane of System Preferences. Click the FileVault tab in the pane to enable or disable FileVault.

WinZip Encryption Software

The licensed version of WinZip Pro can encrypt files using 256-bit AES encryption. WinZip Pro can be purchased and downloaded from the WinZip website in single-user or multi-user licensing formats (ECU has no site license for this software).

What About Email?

Email encryption scrambles a message so that only those recipients with the key can unscramble (decrypt) and read the message.

All faculty and staff have encryption enabled and are required to encrypt messages containing sensitive information when addressed to recipients outside the ECU network. For example, do you send HIPAA information to users at Vidant? Then encrypt these messages before sending. Messages sent within the ECU network do not need to be encrypted.